BUY THIS BOOK
Print Book $39.95
Safari Books Online
Print Book £28.50
Looking to Reprint this content?
By John Viega, Matt Messier, Pravir Chandra
June 2002
Pages: 384
ISBN 10: 0-596-00270-X |
ISBN 13: 9780596002701
(Average of 6 Customer Reviews)
OpenSSL is a popular and effective open source version of SSL/TLS, the most widely used protocol for secure network communications. The only guide available on the subject, Network Security with OpenSSLdetails the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. Focused on the practical, this book provides only the information that is necessary to use OpenSSL safely and effectively.
Full Description
Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.
The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.
Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges.
As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included.
OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.
Browse within this book
Cover | Table of Contents | Colophon
Featured customer reviews
Network Security with OpenSSL Review, April 29 2004
Submitted by Anonymous Reader [Respond | View]
The examples assume that the user is running them on a platform which supports the openssl software. Overall, the book is an excellent resource for programming with openssl.
Network Security with OpenSSL Review, January 16 2004
Rating:
Submitted by Terry Horsnell
[Respond | View]
I couldnt cope with SSL without this book, but I am knee-deep in
acronyms. A glossary would be a great help (it would save me compiling my own).
Network Security with OpenSSL Review, September 03 2003
Rating:
Submitted by Eric Kampman
[Respond | View]
This book has been tremendously helpful in wading through the enormity of OpenSSL. However, it cannot be stressed enough that chapter 5 is useless without downloading the examples from the www.oreilly.com site. In particular, the commands in the sidebar on pages 124-125 contain references to a .cnf file that is not available (anywhere, as far as I can tell). I suspect this is why there is a dramatic difference in opinions as to the usability of the examples -- one reviewer was trying to do this by hand; the other simply downloaded, tweaked, built and ran. I personally like to type the code in by hand, so I found this problem, and the lack of helpful information in the errata pages, very annoying.
This serious flaw mars an otherwise great book.
Network Security with OpenSSL Review, April 29 2003
Rating:
Submitted by Antonio Rodriguez of the Columbia Java Users Group
[Respond | View]
OpenSSL is a terrific programming resource, but the online documentation on it
is hard to understand and index. This book brings most of it all together, and
provides enough examples to answer most of your questions.
One thing that it lacks is tie-ins with Java; most of its examples are in Perl
and Python. I'm currently trying to see if certain ideas can be implemented in Java.
A great book, and great read!
Network Security with OpenSSL Review, March 29 2003
Rating:
Submitted by Martin Cooper
[Respond | View]
Overall an excellent book. Before reading this book, I had played a little with OpenSSL, but found it very difficult to piece together the information needed to make use of the library. This book covered all of my problems, and gave me a good basic foundation in using the library. The only comment I can make is that the README file with the enclosed examples is a little unclear about how to compile the code, so ignore the chapter named files, and look in the ssl directory.
Network Security with OpenSSL Review, October 01 2002
Rating:
Submitted by Kevin J. Schmidt
[Respond | View]
This book is for anyone who wants to do real OpenSSL development. The authors have taken all the pain and headache out of trying to learn OpenSSL. The examples in this book are clear and easy to follow. Topics like PKI, certificate generation and management, and certificate authorities (CAs) are covered with the right amount of theory and practice.
Unlike one reviewer who had problems compiling the source code examples, I had no problem building and running all the examples on Linux. The only complaint I have is that each example is broken out into a seperate file, which can make it a little tough to piece back together, but even a novice C developer should have no problems.
Network Security with OpenSSL Review, September 19 2002
Rating:
Submitted by Peter Grossman
[Respond | View]
Examples are virtually unrunnable.
Specifically, there are no compile, link or platform instructions.
In addition, the examples are broken up into modules (Some without required #include's) and the required combination of source code to create a buildable app is left to the reader as an exercise.
I cannot imagine a platform upon which these examples could run.
Media reviews "...a good introduction and a useful reference guide."
--Gregory V. Wilson, Dr. Dobbs Journal, Feb 2003
"If you are looking at using OpenSSL in any programming capacity, you'll be hard pushed to find anything which is as informative and easy to read as this."
--LinuxFormat, Nov 2002
"The latest offering to O'Reilly's 'must-have references' is 'Network Security with OpenSSL.' The book covers pretty much all you'd ever need to know about using OpenSSL in your programs...It's chock full of great coverage on programming with OpenSLL, and is probably the single best reference for OpenSSL out there. Don't hesitate to add this one to your library, it'll be money well spent."
--Joe "Zonker" Brockmeier, UnixReview Oct 29.
Read all reviews
Got a Question?
 © 2008, O'Reilly Media, Inc. (707) 827-7000 / (800) 998-9938 All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. |
About O'Reilly Privacy Policy Contacts Authors Press Room Jobs User Groups Academic Solutions Newsletters Writing for O'Reilly RSS Feeds |
Other O'Reilly Sites O'Reilly Radar Ignite Tools of Change for Publishing Digital Media makezine.com craftzine.com hackzine.com perl.com xml.com |
Sponsored Sites Inside Aperture Inside iPhone Inside Lightroom Inside Port 25 InsideRIA |